Re: SET SESSION AUTHORIZATION superuser limitation.

From Tom Lane
Subject Re: SET SESSION AUTHORIZATION superuser limitation.
Date
Msg-id 22190.1450709824@sss.pgh.pa.us
In reply to Re: SET SESSION AUTHORIZATION superuser limitation.  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: SET SESSION AUTHORIZATION superuser limitation.  (Dmitry Igrishin <dmitigr@gmail.com>)
Re: SET SESSION AUTHORIZATION superuser limitation.  (Craig Ringer <craig@2ndquadrant.com>)
List pgsql-hackers
Robert Haas <robertmhaas@gmail.com> writes:
> On Sun, Dec 20, 2015 at 1:47 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> The syntax you propose exposes the user's password in cleartext in
>> the command, where it is likely to get captured in logs for example.
>> That's not going to do.

> Of course, right now, the ALTER USER ... PASSWORD command has that
> problem which is, uh, bad.

Which is why we invented the ENCRYPTED PASSWORD syntax, as well as
psql's \password command ... but using that approach for actual
login to an account would be a security fail as well.
        regards, tom lane
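
An added example, not part of the message above or of PostgreSQL's own code: a log check for the exposure discussed in this thread. It flags logged ALTER/CREATE USER or ROLE statements whose PASSWORD literal is cleartext rather than a verifier hashed on the client, which is what psql's \password sends. The log line format, role names and passwords are constructed for illustration.

```python
import hashlib
import re

# ALTER/CREATE USER|ROLE <name> ... PASSWORD '<literal>' (ENCRYPTED keyword optional).
PASSWORD_STMT = re.compile(
    r"\b(?:ALTER|CREATE)\s+(?:USER|ROLE)\s+(\"[^\"]+\"|\w+).*?"
    r"\bPASSWORD\s+'((?:[^']|'')*)'",
    re.IGNORECASE | re.DOTALL,
)
MD5_VERIFIER = re.compile(r"md5[0-9a-f]{32}\Z")


def md5_verifier(role: str, password: str) -> str:
    """Hash on the client in PostgreSQL's md5 format: 'md5' + md5(password || role)."""
    return "md5" + hashlib.md5((password + role).encode()).hexdigest()


def is_prehashed(literal: str) -> bool:
    # SCRAM-SHA-256 verifiers exist in PostgreSQL 10 and later.
    return bool(MD5_VERIFIER.match(literal)) or literal.startswith("SCRAM-SHA-256$")


def cleartext_password_lines(log_lines):
    """Return (line_number, role) for statements that logged a cleartext password.

    The ENCRYPTED keyword alone does not help: with a cleartext literal the
    server does the hashing, so the password still travels in the statement.
    """
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = PASSWORD_STMT.search(line)
        if m and not is_prehashed(m.group(2)):
            hits.append((n, m.group(1).strip('"')))
    return hits


# Constructed sample log lines (not from any real server).
SAMPLE_LOG = [
    "LOG:  statement: ALTER USER alice PASSWORD 's3cret-constructed';",
    "LOG:  statement: ALTER USER bob ENCRYPTED PASSWORD '"
    + md5_verifier("bob", "s3cret-constructed") + "';",
    "LOG:  statement: SELECT 1;",
]

if __name__ == "__main__":
    for lineno, role in cleartext_password_lines(SAMPLE_LOG):
        print(f"line {lineno}: cleartext password logged for role {role}")
```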


